• 한국컴퓨터정보학회:학술대회논문집
• /
• 한국컴퓨터정보학회 2011년도 제44차 하계학술발표논문집 19권2호
• /
• pp.191-195
• /
• 2011

Smart Phone의 OS로 많이 사용하는 Android/Windows Mobile Smart Phone의 사용이 급격히 증가하고 있다. 무료 WiFi Zone과 인터넷 사용에 대한 취약점이 존재한다. Mobile Forensic의 증거 자료를 추출하는 방법은 SYN, JTAG, Revolving 방법이 있지만, 기존 휴대폰과 달리 Smart Phone은 OS와 구조, 사용방식과 기술의 차이로 인한 Mobile Forensic 연구 방법도 달라야 한다. 본 논문에서는 Smart Phone에서는 많이 사용되는 Windows Mobile/Android Smart Phone의 OS와 구조 차이를 분석한 데이터 백업과 스펙 분석 및 증거자료 분석을 한다. 또한 무료 WiFi Zone을 통한 인터넷 사용시에 취약점을 분석한다. 그리고 Android/Windows Mobile Smart Phone의 Forensic 자료를 생성하여 증거를 추출하고, Mobile Forensic 보고서를 생성한다. 본 연구를 통하여 Mobile Forensic의 기술 발전에 초석을 제공할 것이다.

• 대한의생명과학회지
• /
• 제28권3호
• /
• pp.157-169
• /
• 2022

DNA typing is the typical technology in the forensic science and plays a significant role in the personal identification of victims and suspects. Short tandem repeat (STR) is the short tandemly repeated DNA sequence consisting of 2~7 bp DNA units in specific loci. It is disseminated across the human genome and represents polymorphism among individuals. Because polymorphism is a key feature of the application of DNA typing STR analysis, STR analysis becomes the standard technology in forensics. Therefore, the DNA database (DNA-DB) was first introduced with 4 essential STR markers for the application of forensic science; however, the number of STR markers was expanded from 4 to 13 and 13 to 20 later to counteract the continuously increased DNA profile and other needed situations. After applying expanded STR markers to the South Korean DNA-DB system, it positively affected to low copy number analysis that had a high possibility of partial DNA profiles, and especially contributed to the theft cases due to the high portion of touch DNA evidence in the theft case. Furthermore, STR marker expansion not only contributed to the resolution of cold cases but also increased kinship index indicating the potential for improved kinship test accuracy using extended STR markers. Collectively, the expansion of the STR locus was considered to be necessary to keep pace with the continuously increasing DNA profile, and to improve the data integrity of the DNA-DB.

• 한국전자거래학회지
• /
• 제14권3호
• /
• pp.169-181
• /
• 2009

중요한 증거 또는 단서가 컴퓨터를 포함된 디지털 정보기기 내에 존재하는 경우가 증가함에 따라 디지털 포렌식 기술은 광범위하게 적용되고 있다. 본 논문에서는 네트워크에 분산되어 있는 다양한 디지털 정보기기 내에 증거나 단서가 존재하는 경우 저장매체의 모니터링을 통한 분석자료 수집 에이전트와 포렌식 분석 시스템을 연계한 포렌식 감사 시스템을 구현하였다. 본 논문에서 구현한 포렌식 감사 시스템은 기존 시스템에서 제공하지 않는 네트워크를 통한 실시간 감시와 증거 자료를 남김으로써 IT 인프라 환경에서의 사고나 범죄를 예방하거나 추적 감시할 수 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권2호
• /
• pp.626-643
• /
• 2023

As mobile forensics has emerged as an essential technique, the demand for technology development, education and training is increasing, wherein images are used. Academic societies in South Korea and national institutions in the US and the UK are leading the Mobile Forensic Image development. However, compared with disks, images developed in a mobile environment are few cases and have less active research, causing a waste of time, money, and manpower. Mobile Forensic Images are also difficult to trust owing to insufficient verification processes. Additionally, in South Korea, there are legal issues involving the Telecommunications Business Act and the Act on the Protection and Use of Location Information. Therefore, in this study, we requested a review of a standard model for the development of Mobile Forensic Image from experts and designed an 11-step development model. The steps of the model are as follows: a. setting of design directions, b. scenario design, c. selection of analysis techniques, d. review of legal issues, e. creation of virtual information, f. configuring system settings, g. performing imaging as per scenarios, h. Developing a checklist, i. internal verification, j. external verification, and k. confirmation of validity. Finally, we identified the differences between the mobile and disk environments and discussed the institutional efforts of South Korea. This study will also provide a guideline for the development of professional quality verification and proficiency tests as well as technology and talent-nurturing tools. We propose a method that can be used as a guide to secure pan-national trust in forensic examiners and tools. We expect this study to strengthen the mobile forensics capabilities of forensic examiners and researchers. This research will be used for the verification and evaluation of individuals and institutions, contributing to national security, eventually.

• 분석과학
• /
• 제11권3호
• /
• pp.1033-1043
• /
• 1998

• 한국정보통신학회논문지
• /
• 제18권12호
• /
• pp.2878-2884
• /
• 2014

2013년도부터 스마트폰을 이용한 Smishing(스미싱) 공격으로 인하여 피해가 발생하고 있다. 2014년 카드 3사의 1억4백만건 개인정보유출로 인하여 Smishing을 이용한 해킹 공격은 증가하고 있다. Smishing 해킹 공격과 연계된 개인정보의 탈취와 직접적인 금융 피해가 발생하고 있다. 본 논문에서는 Smishing 사고에 대한 실제 사례를 실험실에서 연구 분석하고 Mobile Forensic 분석을 실행한다. Smishing 해킹 공격의 기술적인 원리와 실제적인 사례 분석을 하고, Mobile Forensic 분석을 통하여 Smishing을 이용한 해킹 공격의 기술적인 증거자료의 입증과 모바일 포렌식 보고서를 작성한다. 본 논문을 통해 모바일 포렌식의 기술 발전과 Smishing 사고로부터 법정증거의 추출을 연구하여, 안전하고 편리하게 스마트폰을 사용 할 수 있는 안전한 국민생활을 위한 연구가 될 것이다.

• 한국정보통신설비학회:학술대회논문집
• /
• 한국정보통신설비학회 2007년도 학술대회
• /
• pp.142-146
• /
• 2007

Digital Rights Management (DRM) technology has been widely used for protecting the digital contents over the recent years. But the digital contents protected by DRM are vulnerable to various video memory capture programs when DRM packaged contents are decrypted on the consumers' multimedia devices. To make up for this kind of DRM security holes the Forensic Marking (FM) technology is being deployed into the content protection area. Most leading DRM companies as well as big electronics companies like Thomson and Philips already have commercial FM solutions. Forensic Marking technology uses the digital watermarking to insert the user information such as user id, content playing time and etc. into the decrypted and decoded content at the playback time on the consumer devices. When the content containing watermarked user information (Forensic Mark) is illegally captured and distributed over the Internet, the FM detection system takes out the inserted FM from the illegal contents and informs contents service providers of the illegal hacker's information. In this paper the requirements and test conditions are discussed for the commercial Forensic Marking systems.

• 분석과학
• /
• 제32권4호
• /
• pp.155-162
• /
• 2019

Analysis techniques using DNA profiling are widely used in various fields including forensic science and new technologies such as the Direct PCR amplification method are being developed continuously in order to acquire the DNA profiles efficiently. However, it has a limits such as non-specific amplification according to the quality of crime scene evidence samples. Especially, split peaks caused by excessive DNA samples are one of the important factors that could cause the debate to allow researchers to interpret the DNA profile results. In this study, we confirmed the occurrence rate of split peaks in each STR (short tandem repeats) locus of the $GlobalFiler^{TM}$ kit and investigated the possibility of improving the split peaks using several PCR additives such as DMSO (dimethylsulfoxide), $MgCl_2$, Betaine and Tween-20. As a result, we could make three groups according to the occurrence rate of split peaks in Direct PCR and it was confirmed that the ratio of split peaks could be reduced by DMSO (87.4 %), $MgCl_2$ (84.5 %) and Betaine (86.1 %), respectively. These results indicate that PCR additives such as DMSO, $MgCl_2$ and Betaine can be improve the split peaks in Direct PCR and thereby facilitate subsequently a successful DNA profile results.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2011년도 추계학술대회
• /
• pp.287-290
• /
• 2011

스마트폰에서 동기화 기능은 디폴트(default)값으로 설정되어 있다. 동기화가 설정된 스마트폰은 스마트폰 전용 케이블을 이용해 PC에 연결되면 자동적으로 스마트폰 데이터가 백업되어 저장된다. 이 백업 데이터는 일반적인 기술로는 내용을 분석하기가 어려워서 포렌식 기술을 적용하여야 범죄용의자의 정보를 알아낼 수 있다. 따라서 본 논문에서는 동기화 스마트폰의 백업 데이터에 대한 포렌식 분석을 통한 포렌식 증거자료에 대한 연구를 한다. 실험실 환경에서 스마트폰에 개인 금융정보를 보내고, 스마트폰을 훼손하였다고 가정하에 실험을 한다. 스마트폰의 백업 데이터를 포렌식 툴을 사용하여 개인 금융정보 및 범죄 연관 데이터를 분석하고, 포렌식 기술을 적용하여 법정 증거자료로 채택되도록 연구한다. 본 논문을 통해 스마트폰 포렌식 분석에 대한 기초자료로 활용 할 수 있을 것이다.

• Journal of Information Technology Applications and Management
• /
• 제30권6호
• /
• pp.113-142
• /
• 2023

As society becomes more digital, the need for digital forensics experts are gradually increasing. It is necessary to establish a training policy that reflects the special characteristics of digital forensics personnel. Although there are fragmented policies for digital forensics-related systems and human resources training in academia, it is an urgently necessary to establish a systematic and long-term policy to foster digital forensics experts. This study suggests curriculum of digital forensic based on the importance ranking among forensic subjects. The importance ranking can be decided by forensic experts. This study can be used as policy data to foster diverse talent that can effectively meet the increasing demand for digital forensics talent. The systematic curriculum proposed in this study is a practical curriculum at the undergraduate level and can be suitable for university level